Tesla's Tough Lesson on Malicious Insider Threats

The potential damages a company can suffer from malicious insiders became a harsh reality for Tesla CEO Elon Musk, who expressed his disappointment at learning he had a saboteur within the Tesla ranks. The individual who allegedly engaged in damaging sabotage against Tesla was reportedly an employee disgruntled over not getting a promotion.

According to a report from CNBC, Musk sent an email to Tesla employees late Sunday revealing that a Tesla worker had engaged in “quite extensive and damaging sabotage” against the company. CNBC posted what it said was a copy of the email in which Musk said the sabotage included the use of false usernames to make changes to the code used in the Tesla Manufacturing Operation System, as well as “exporting large amounts of highly sensitive Tesla data to unknown third parties.”

As Musk noted, when an employee engages in such illicit activity, it is usually an act of revenge. "His stated motivation is that he wanted a promotion that he did not receive. In light of these actions, not promoting him was definitely the right move."

"This is a major reminder as to why privileged access management is a must-have for organizations that deal with sensitive information or personal information and why least privileged is a practice being adopted by many organizations,” said Joseph Carson, chief security scientist at Thycotic.

However, in a recent Raytheon-commissioned survey of IT security professionals, insider threats ranked low on the CISOs' priority lists, with only 36% saying they consider malicious or criminal insiders to be a high risk.

"Taking things at face value, this [act of sabotage] is basically a smorgasbord of cybercrime, and it could have affected any company anywhere. You have an insider threat. You have altered data affecting the factory operating system. You have leaked proprietary data. You have credential theft. And you have it all, apparently, at the hands of a disgruntled employee. It’s time to make insider threat a top priority," said Michael Daly, CTO, cybersecurity at Raytheon.

The reality that employees can act without regard for the best interest of the company will likely be a major lesson for Tesla, but it's not its only struggle right now. It also confronts ongoing issues in its electric vehicle plant. Less than 24 hours after alerting employees to the sabotage, Musk shared news of another fire in its factory, which happened during the evening of Sunday, 17 June.